On 2021/12/04 00:49, Theo Buehler wrote: > No feedback. I'm going to commit this patch tomorrow.
OK. I've never used sshmitm though (and fortunately there aren't many devices around that still use SSHv1 to test it with!) > On Fri, Nov 26, 2021 at 09:18:21AM +0100, Theo Buehler wrote: > > The build fix is relatively straightforward, mostly based on Debian's > > patch set. > > > > https://sources.debian.org/patches/dsniff/2.4b1+debian-30/24_Fix-OpenSSL1.1.0-Build.patch/ > > > > If anyone uses this, a quick test would be appreciated. > > Index: Makefile > =================================================================== > RCS file: /cvs/ports/security/dsniff/Makefile,v > retrieving revision 1.63 > diff -u -p -r1.63 Makefile > --- Makefile 12 Jul 2019 20:49:01 -0000 1.63 > +++ Makefile 25 Nov 2021 22:35:42 -0000 > @@ -3,7 +3,7 @@ > COMMENT= sniffing tools for penetration testing > > DISTNAME= dsniff-2.3 > -REVISION= 16 > +REVISION= 17 > CATEGORIES= security > > MASTER_SITES= http://monkey.org/~dugsong/dsniff/ > Index: patches/patch-arp_c > =================================================================== > RCS file: patches/patch-arp_c > diff -N patches/patch-arp_c > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-arp_c 25 Nov 2021 22:34:41 -0000 > @@ -0,0 +1,13 @@ > +$OpenBSD$ > + > +Index: arp.c > +--- arp.c.orig > ++++ arp.c > +@@ -32,6 +32,7 @@ > + #include <netinet/if_ether.h> > + #include <stdio.h> > + #include <stdlib.h> > ++#include <string.h> > + #include <unistd.h> > + > + #ifdef BSD > Index: patches/patch-buf_c > =================================================================== > RCS file: patches/patch-buf_c > diff -N patches/patch-buf_c > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-buf_c 25 Nov 2021 22:28:38 -0000 > @@ -0,0 +1,13 @@ > +$OpenBSD$ > + > +Index: buf.c > +--- buf.c.orig > ++++ buf.c > +@@ -12,6 +12,7 @@ > + #include <sys/types.h> > + #include <stdio.h> > + #include <stdlib.h> > ++#include <string.h> > + #include <stdarg.h> > + #include <unistd.h> > + #include <ctype.h> > Index: patches/patch-ssh_c > =================================================================== > RCS file: patches/patch-ssh_c > diff -N patches/patch-ssh_c > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-ssh_c 26 Nov 2021 07:04:59 -0000 > @@ -0,0 +1,161 @@ > +$OpenBSD$ > + > +Based on > https://sources.debian.org/patches/dsniff/2.4b1+debian-30/24_Fix-OpenSSL1.1.0-Build.patch/ > + > +Index: ssh.c > +--- ssh.c.orig > ++++ ssh.c > +@@ -13,6 +13,8 @@ > + #include <sys/param.h> > + #include <sys/types.h> > + #include <arpa/nameser.h> > ++#include <openssl/err.h> > ++#include <openssl/md5.h> > + #include <openssl/ssl.h> > + #include <openssl/rand.h> > + > +@@ -86,7 +88,7 @@ static u_int crc32_tab[] = { > + static u_char pkt[4 + 8 + SSH_MAX_PKTLEN]; > + > + static void > +-put_bn(BIGNUM *bn, u_char **pp) > ++put_bn(const BIGNUM *bn, u_char **pp) > + { > + short i; > + > +@@ -116,7 +118,7 @@ get_bn(BIGNUM *bn, u_char **pp, int *lenp) > + } > + > + static u_char * > +-ssh_session_id(u_char *cookie, BIGNUM *hostkey_n, BIGNUM *servkey_n) > ++ssh_session_id(u_char *cookie, const BIGNUM *hostkey_n, const BIGNUM > *servkey_n) > + { > + static u_char sessid[16]; > + u_int i, j; > +@@ -231,7 +233,10 @@ SSH_accept(SSH *ssh) > + u_char *p, cipher, cookie[8], msg[1024]; > + u_int32_t num; > + int i; > +- > ++ > ++ const BIGNUM *servkey_e, *servkey_n; > ++ const BIGNUM *hostkey_e, *hostkey_n; > ++ > + /* Generate anti-spoofing cookie. */ > + RAND_bytes(cookie, sizeof(cookie)); > + > +@@ -240,11 +245,13 @@ SSH_accept(SSH *ssh) > + *p++ = SSH_SMSG_PUBLIC_KEY; /* type */ > + memcpy(p, cookie, 8); p += 8; /* cookie */ > + num = 768; PUTLONG(num, p); /* servkey bits */ > +- put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */ > +- put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */ > ++ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL); > ++ put_bn(servkey_e, &p); /* servkey exponent */ > ++ put_bn(servkey_n, &p); /* servkey modulus */ > + num = 1024; PUTLONG(num, p); /* hostkey bits */ > +- put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */ > +- put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */ > ++ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL); > ++ put_bn(hostkey_e, &p); /* hostkey exponent */ > ++ put_bn(hostkey_n, &p); /* hostkey modulus */ > + num = 0; PUTLONG(num, p); /* protocol flags */ > + num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */ > + num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */ > +@@ -295,7 +302,7 @@ SSH_accept(SSH *ssh) > + SKIP(p, i, 4); > + > + /* Decrypt session key. */ > +- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) { > ++ if (BN_cmp(servkey_n, hostkey_n) > 0) { > + rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); > + rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); > + } > +@@ -315,8 +322,8 @@ SSH_accept(SSH *ssh) > + BN_clear_free(enckey); > + > + /* Derive real session key using session id. */ > +- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, > +- ssh->ctx->servkey->n)) == NULL) { > ++ if ((p = ssh_session_id(cookie, hostkey_n, > ++ servkey_n)) == NULL) { > + warn("ssh_session_id"); > + return (-1); > + } > +@@ -325,10 +332,8 @@ SSH_accept(SSH *ssh) > + } > + /* Set cipher. */ > + if (cipher == SSH_CIPHER_3DES) { > +- ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); > +- ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); > +- ssh->encrypt = des3_encrypt; > +- ssh->decrypt = des3_decrypt; > ++ warnx("cipher 3des no longer supported"); > ++ return (-1); > + } > + else if (cipher == SSH_CIPHER_BLOWFISH) { > + ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); > +@@ -354,7 +359,10 @@ SSH_connect(SSH *ssh) > + u_char *p, cipher, cookie[8], msg[1024]; > + u_int32_t num; > + int i; > +- > ++ > ++ BIGNUM *servkey_n, *servkey_e; > ++ BIGNUM *hostkey_n, *hostkey_e; > ++ > + /* Get public key. */ > + if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { > + warn("SSH_recv"); > +@@ -376,21 +384,23 @@ SSH_connect(SSH *ssh) > + > + /* Get servkey. */ > + ssh->ctx->servkey = RSA_new(); > +- ssh->ctx->servkey->n = BN_new(); > +- ssh->ctx->servkey->e = BN_new(); > ++ servkey_n = BN_new(); > ++ servkey_e = BN_new(); > ++ RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL); > + > + SKIP(p, i, 4); > +- get_bn(ssh->ctx->servkey->e, &p, &i); > +- get_bn(ssh->ctx->servkey->n, &p, &i); > ++ get_bn(servkey_e, &p, &i); > ++ get_bn(servkey_n, &p, &i); > + > + /* Get hostkey. */ > + ssh->ctx->hostkey = RSA_new(); > +- ssh->ctx->hostkey->n = BN_new(); > +- ssh->ctx->hostkey->e = BN_new(); > ++ hostkey_n = BN_new(); > ++ hostkey_e = BN_new(); > ++ RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL); > + > + SKIP(p, i, 4); > +- get_bn(ssh->ctx->hostkey->e, &p, &i); > +- get_bn(ssh->ctx->hostkey->n, &p, &i); > ++ get_bn(hostkey_e, &p, &i); > ++ get_bn(hostkey_n, &p, &i); > + > + /* Get cipher, auth masks. */ > + SKIP(p, i, 4); > +@@ -402,8 +412,8 @@ SSH_connect(SSH *ssh) > + RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey)); > + > + /* Obfuscate with session id. */ > +- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, > +- ssh->ctx->servkey->n)) == NULL) { > ++ if ((p = ssh_session_id(cookie, hostkey_n, > ++ servkey_n)) == NULL) { > + warn("ssh_session_id"); > + return (-1); > + } > +@@ -419,7 +429,7 @@ SSH_connect(SSH *ssh) > + else BN_add_word(bn, ssh->sesskey[i]); > + } > + /* Encrypt session key. */ > +- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) { > ++ if (BN_cmp(servkey_n, hostkey_n) < 0) { > + rsa_public_encrypt(bn, bn, ssh->ctx->servkey); > + rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); > + } > Index: patches/patch-sshcrypto_c > =================================================================== > RCS file: /cvs/ports/security/dsniff/patches/patch-sshcrypto_c,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-sshcrypto_c > --- patches/patch-sshcrypto_c 29 May 2015 15:57:29 -0000 1.3 > +++ patches/patch-sshcrypto_c 26 Nov 2021 07:06:11 -0000 > @@ -1,6 +1,13 @@ > $OpenBSD: patch-sshcrypto_c,v 1.3 2015/05/29 15:57:29 jca Exp $ > ---- sshcrypto.c.orig Tue Nov 28 22:23:28 2000 > -+++ sshcrypto.c Fri May 29 17:56:22 2015 > + > +Use DES API instead of des > + > +OpenSSL 1.1 API conversion based on > +https://sources.debian.org/patches/dsniff/2.4b1+debian-30/24_Fix-OpenSSL1.1.0-Build.patch/ > + > +Index: sshcrypto.c > +--- sshcrypto.c.orig > ++++ sshcrypto.c > @@ -15,7 +15,9 @@ > #include <sys/types.h> > #include <openssl/ssl.h> > @@ -22,7 +29,33 @@ $OpenBSD: patch-sshcrypto_c,v 1.3 2015/0 > }; > > void > -@@ -153,13 +155,13 @@ des3_init(u_char *sesskey, int len) > +@@ -37,10 +39,12 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) > + u_char *inbuf, *outbuf; > + int len, ilen, olen; > + > +- if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) > ++ const BIGNUM *n, *e; > ++ RSA_get0_key(key, &n, &e, NULL); > ++ if (BN_num_bits(e) < 2 || !BN_is_odd(e)) > + errx(1, "rsa_public_encrypt() exponent too small or not odd"); > + > +- olen = BN_num_bytes(key->n); > ++ olen = BN_num_bytes(n); > + outbuf = malloc(olen); > + > + ilen = BN_num_bytes(in); > +@@ -69,7 +73,9 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) > + u_char *inbuf, *outbuf; > + int len, ilen, olen; > + > +- olen = BN_num_bytes(key->n); > ++ const BIGNUM *n; > ++ RSA_get0_key(key, &n, NULL, NULL); > ++ olen = BN_num_bytes(n); > + outbuf = malloc(olen); > + > + ilen = BN_num_bytes(in); > +@@ -153,13 +159,13 @@ des3_init(u_char *sesskey, int len) > if ((state = malloc(sizeof(*state))) == NULL) > err(1, "malloc"); > > @@ -40,7 +73,7 @@ $OpenBSD: patch-sshcrypto_c,v 1.3 2015/0 > > memset(state->iv1, 0, 8); > memset(state->iv2, 0, 8); > -@@ -175,9 +177,9 @@ des3_encrypt(u_char *src, u_char *dst, int len, void * > +@@ -175,9 +181,9 @@ des3_encrypt(u_char *src, u_char *dst, int len, void * > estate = (struct des3_state *)state; > memcpy(estate->iv1, estate->iv2, 8); > > @@ -53,7 +86,7 @@ $OpenBSD: patch-sshcrypto_c,v 1.3 2015/0 > } > > void > -@@ -188,7 +190,7 @@ des3_decrypt(u_char *src, u_char *dst, int len, void * > +@@ -188,7 +194,7 @@ des3_decrypt(u_char *src, u_char *dst, int len, void * > dstate = (struct des3_state *)state; > memcpy(dstate->iv1, dstate->iv2, 8); > >
